Amazon Linux AMI update for tomcat8
| Risk | Medium |
| Patch available | YES |
| Number of vulnerabilities | 2 |
| CVE-ID | CVE-2022-25762 CVE-2022-29885 |
| CWE-ID | CWE-388 CWE-19 |
| Exploitation vector | Network |
| Public exploit | Public exploit code for vulnerability #2 is available. |
| Vulnerable software Subscribe |
Amazon Linux AMI Operating systems & Components / Operating system tomcat8 Operating systems & Components / Operating system package or component |
| Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 2 vulnerabilities.
1) Error Handling
EUVDB-ID: #VU63299
Risk: Medium
CVSSv3.1: 4.2 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N/E:U/RL:O/RC:C]
CVE-ID: CVE-2022-25762
CWE-ID:
CWE-388 - Error Handling
Exploit availability: No
DescriptionThe vulnerability allows a remote attacker to gain access to sensitive information.
The vulnerability exists due to an error when handling WebSocket connections. If a web application sends a WebSocket message concurrently with the
WebSocket connection closing, it is possible that the application will
continue to use the socket after it has been closed. As a result, subsequent connections can use the
same object concurrently and share data and/or other errors.
Update the affected packages:
noarch:Vulnerable software versions
tomcat8-jsp-2.3-api-8.5.81-1.91.amzn1.noarch
tomcat8-javadoc-8.5.81-1.91.amzn1.noarch
tomcat8-lib-8.5.81-1.91.amzn1.noarch
tomcat8-webapps-8.5.81-1.91.amzn1.noarch
tomcat8-8.5.81-1.91.amzn1.noarch
tomcat8-el-3.0-api-8.5.81-1.91.amzn1.noarch
tomcat8-log4j-8.5.81-1.91.amzn1.noarch
tomcat8-docs-webapp-8.5.81-1.91.amzn1.noarch
tomcat8-servlet-3.1-api-8.5.81-1.91.amzn1.noarch
tomcat8-admin-webapps-8.5.81-1.91.amzn1.noarch
src:
tomcat8-8.5.81-1.91.amzn1.src
Amazon Linux AMI: All versions
tomcat8: before 8.5.81-1.91
External linkshttp://alas.aws.amazon.com/ALAS-2022-1627.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
2) Data Handling
EUVDB-ID: #VU63225
Risk: Low
CVSSv3.1: 3.4 [CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L/E:P/RL:O/RC:C]
CVE-ID: CVE-2022-29885
CWE-ID:
CWE-19 - Data Handling
Exploit availability: Yes
DescriptionThe vulnerability allows a remote attacker to perform DoS attack.
The vulnerability exists due to an error in documentation for the EncryptInterceptor, which incorrectly stated that it enabled Tomcat clustering to run over an untrusted network. A remote attacker can perform a denial of service attack against the exposed EncryptInterceptor.
MitigationUpdate the affected packages:
noarch:Vulnerable software versions
tomcat8-jsp-2.3-api-8.5.81-1.91.amzn1.noarch
tomcat8-javadoc-8.5.81-1.91.amzn1.noarch
tomcat8-lib-8.5.81-1.91.amzn1.noarch
tomcat8-webapps-8.5.81-1.91.amzn1.noarch
tomcat8-8.5.81-1.91.amzn1.noarch
tomcat8-el-3.0-api-8.5.81-1.91.amzn1.noarch
tomcat8-log4j-8.5.81-1.91.amzn1.noarch
tomcat8-docs-webapp-8.5.81-1.91.amzn1.noarch
tomcat8-servlet-3.1-api-8.5.81-1.91.amzn1.noarch
tomcat8-admin-webapps-8.5.81-1.91.amzn1.noarch
src:
tomcat8-8.5.81-1.91.amzn1.src
Amazon Linux AMI: All versions
tomcat8: before 8.5.81-1.91
External linkshttp://alas.aws.amazon.com/ALAS-2022-1627.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.
